Home network access node usage prevention by blocking access node entries in a preferred roaming list

ABSTRACT

Embodiments disclosed herein provide systems and methods for blocking the use of a PRL by a wireless device to access nodes of a network controller. In a particular embodiment, a method provides receiving an access request for the wireless device to access the home wireless network and transferring an authentication request for the wireless device to an authentication system. The method further provides the authentication system receiving the authentication request, determining that the wireless device should not be allowed to access the home wireless network, and transferring a negative authentication response to the network controller. In response to receiving the authentication response, the method provides the network controller transferring a negative access response to the wireless device. In response to receiving the access response, the method provides the wireless device blocking the use of a Preferred Roaming List by the wireless device to access nodes of the network controller.

TECHNICAL BACKGROUND

Authorization systems in wireless communication networks maintaininformation concerning whether a wireless device should be allowed toaccess a wireless communication network. For example, an authorizationsystem may track whether the payments for a service plan of a wirelessdevice are up to date or whether service limits of the service plan havebeen reached in order to make a determination as to whether the wirelessdevice should receive authorization to access a wireless network. If theauthorization system determines that the wireless device is authorizedto access the wireless network, then the wireless device may proceed toexchange communications with the wireless network. However, if theauthorization system determines that the wireless device is notauthorized to access the wireless network, then the wireless device maycontinue to request access and be denied access to the wireless network.Even though wireless network access is denied, these repeated requestsstill use resources of the wireless network.

The wireless device is able to request access to the wireless networkthrough wireless access nodes for the wireless network. The wirelessdevice finds and transfers access requests to these access nodes usinginformation found in a preferred roaming list (PRL). The PRL may containentries for access nodes of multiple wireless networks. If the entriesfor access nodes of a particular wireless network are not listed in thePRL, then the wireless device will be unable to communicate with thatwireless network regardless of whether the wireless device would beallowed to access that wireless network.

OVERVIEW

Embodiments disclosed herein provide systems and methods for blockingthe use of a PRL by a wireless device to access nodes of a networkcontroller. In a particular embodiment, a method provides, in a networkcontroller that serves a geographic area of a home wirelesscommunication network where a wireless communication device is located,receiving an access request for the wireless communication device toaccess the home wireless communication network and transferring anauthorization request for the wireless communication device to anauthentication system. The method further provides, in theauthentication system, receiving the authentication request, determiningthat the wireless communication device should not be allowed to accessthe home wireless communication network, and transferring anauthentication response to the network controller indicating that thewireless communication device is not authorized to access the homewireless communication network. The method further provides, in thenetwork controller, in response to receiving the authenticationresponse, transferring an access response to the wireless communicationdevice that indicates that the wireless communication device is notauthorized to access the home wireless communication network. The methodfurther provides, in the wireless communication device, in response toreceiving the access response, blocking the use of a Preferred RoamingList (PRL) by the wireless communication device to access nodes of thenetwork controller.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a wireless communication system for blocking the useof a PRL by a wireless device to access nodes of a network controller.

FIG. 2 illustrates the operation of the wireless communication systemfor blocking the use of a PRL by a wireless device to access nodes of anetwork controller.

FIG. 3 illustrates a wireless communication system for blocking the useof a PRL by a wireless device to access nodes of a network controller.

FIG. 4 illustrates the operation of the wireless communication systemfor blocking the use of a PRL by a wireless device to access nodes of anetwork controller.

FIG. 5 illustrates example PRLs used when blocking the use of a PRL by awireless device to access nodes of a network controller.

FIG. 6 illustrates the operation of the wireless communication systemfor blocking the use of a PRL by a wireless device to access nodes of anetwork controller.

FIG. 7 illustrates a wireless communication device for blocking the useof a PRL by a wireless device to access nodes of a network controller.

DETAILED DESCRIPTION

The following description and associated figures teach the best mode ofthe invention. For the purpose of teaching inventive principles, someconventional aspects of the best mode may be simplified or omitted. Thefollowing claims specify the scope of the invention. Note that someaspects of the best mode may not fall within the scope of the inventionas specified by the claims. Thus, those skilled in the art willappreciate variations from the best mode that fall within the scope ofthe invention. Those skilled in the art will appreciate that thefeatures described below can be combined in various ways to formmultiple variations of the invention. As a result, the invention is notlimited to the specific examples described below, but only by the claimsand their equivalents.

FIG. 1 illustrates wireless communication system 100 for blocking theuse of a PRL by a wireless device to access nodes of a networkcontroller. Wireless communication system 100 includes wirelesscommunication device 101, network controller 102, authentication system103, and home wireless communication network 104. Wireless communicationdevice 101 and network controller 102 communicate over wireless link111. Network controller 102 and home wireless network 104 communicateover communication link 112. Home wireless network 104 andauthentication system 103 communicate over communication link 113.

In operation, when wireless device 101 attempts to exchangecommunications with a wireless communication network, wireless device101 uses a preferred roaming list (PRL) to find access nodes thatfacilitate communication exchanges with wireless communication networks,such as home wireless network 104. A PRL includes information necessaryfor a wireless device to attempt to exchange communications with anaccess node. For example, each entry in a PRL for an access node mayinclude the frequency bands, sub bands, and a service provideridentifier associated with the access node.

Entries for access nodes in the PRL stored on wireless device 101 aresorted so that a wireless device attempts to connect to access nodes ofhome wireless network 104 before attempting to connect to access nodesof a visited wireless network. The PRL gives preference to access nodesof home wireless network 104 because wireless device 101 is associatedwith home wireless network 104. Wireless device 101 may be associatedwith home wireless network 104 because a user, employer of the user,etc., of wireless device 101 is a customer of services provided by homewireless network 104. Access nodes of home wireless network 104 arepreferred because the operator of home wireless network 104 may haveless control over the service provided to wireless device 101 whenwireless device 101 is communicating with a visited wireless network,wireless network 104 may be charged by a visited wireless network forallowing wireless device 101 to access the visited wireless network, orany other reason why access nodes on home wireless network 104 would bepreferred over those on a visited wireless network.

Therefore, when wireless device 101 begins the process of connectingwith a wireless access node, wireless device 101 first attempts toconnect with a wireless access node of home wireless network 104 inaccordance with the PRL stored on wireless device 101. These accessattempts by wireless device 101 use network resources, such asprocessing capacity of network controller 102, regardless of whether thewireless device 101 is allowed to access home wireless network 102 inresponse to the access attempt.

FIG. 2 illustrates the operation of wireless communication system 100for blocking the use of a PRL by a wireless device to access nodes of anetwork controller. In operation, network controller 102 controls andprovides service to one or more access nodes in a geographic areacovered by home wireless network 104 where wireless device 101 islocated. Network controller 102 may be a base station controller, amobile switching center, or any other type of network controller. Whenwireless device 101 attempts to access home wireless network 104,network controller 102 receives an access request for wireless device101 to access home wireless network 104 (step 200). Wireless device 101transfers the access request to network controller 102 via one of theaccess nodes controlled by network controller 102 that wireless device101 is able access using access node information found in a PRL storedon wireless device 101.

After receiving the access request from wireless device 101, networkcontroller 102 transfers an authentication request for wireless device101 to authentication system 103 (step 202). Authentication system 103may include billing information for wireless device 101, service planinformation for wireless device 101, or any other type of informationrelevant to ability of wireless device 101 to access home wirelessnetwork 104.

In this example, authentication system 103 receives the authenticationrequest and determines that wireless device 101 should not be allowed toaccess home wireless network 104 (step 204). Wireless device 101 may notbe authenticated because the service account associated with wirelessdevice 101 is past due on billing payments, a service limit has beenreached, the service account with wireless device 101 may have beencanceled, or for any other reason why a wireless device may not beauthorized to access a home wireless network. In other examples,authentication system 103 may determine that wireless device 101 shouldbe allowed to access home wireless network 104.

Authentication system 103 transfers an authentication response tonetwork controller 102 indicating that wireless device 101 is notallowed to access home wireless network 104 (step 206). Theauthentication response may be any type of signaling or message that anauthentication system may use to report that a wireless device is notauthorized to communicate with home wireless network 104.

In response to receiving the authentication response, network controller102 transfers an access response to wireless device 101 indicating thatwireless device 101 is not authorized to access home wireless network104 (step 208). The access response may be any type of signal or messagethat a network controller may use to indicate to a wireless device thatthe wireless device is not authorized to access a wireless network. Insome embodiments, the access response may include an indicator, such asa flag, that provides an additional indication that wireless device 101is a rogue device that will not be allowed to access home wirelessnetwork 104.

In response to receiving the access response, wireless device 101 blocksthe use of a PRL by the wireless communication device to access nodes ofthe network controller (step 210). Wireless device 101 may block the useof the PRL by deleting the entries in the PRL for access nodescontrolled by network controller 102, by marking the entries in a mannerso as wireless device 101 does not use the entries, by moving theentries from the PRL to a storage area on wireless device 101 where theentries cannot be used by wireless device 101 to connect to the accessnodes of network controller 102, or by otherwise preventing the use ofthe entries by wireless device 101 to connect to the access nodes ofnetwork controller 102. Wireless device 101 may have a software element,such as an application that executes on wireless device 101 or code thatis part of the firmware of wireless device 101, which recognizes theaccess response or an indicator in the access response and performs theblocking functionality on the PRL of wireless device 101.

Since only the entries for access nodes of network controller 102 areblocked, wireless device 101 may still use entries in the PRL for accessnodes of a visited wireless network to attempt to connect to the visitedwireless network. When wireless device 101 attempts to connect to thevisited wireless network, the visited wireless network will still queryauthentication system 103 to determine whether the visited wirelessnetwork should allow access to wireless device 101. At that timeauthentication system 103 will indicate to the visited wireless networkthat wireless device 101 should not be allowed access to visitedwireless network. Therefore, after blocking the entries for access nodesof network controller 102 on the PRL, wireless device 101 can continueto request network access through a visited wireless network withoutusing the resources of network controller 102 and other elements of homewireless network 104, such as the access nodes of network controller102.

In some embodiments, if authentication system 103 determines thatwireless device 101 is allowed to access home wireless network 104, thenthe authorization and access responses will indicate to wireless device101 that wireless device 101 is allowed to access home wireless network104. After receiving the access response, wireless device 101 does notblock entries in the PRL and exchanges communications with home wirelessnetwork 104.

Referring back to FIG. 1, wireless communication device 101 comprisesRadio Frequency (RF) communication circuitry and an antenna. The RFcommunication circuitry typically includes an amplifier, filter,modulator, and signal processing circuitry. Wireless communicationdevice 101 may also include a user interface, memory device, software,processing circuitry, or some other communication components. Wirelesscommunication device 101 may be a telephone, computer, e-book, mobileInternet appliance, wireless network interface card, media player, gameconsole, or some other wireless communication apparatus—includingcombinations thereof.

Network controller 102 comprises a computer system and communicationinterface. Network controller 102 may also include other components sucha router, server, data storage system, and power supply. Networkcontroller 102 may reside in a single device or may be distributedacross multiple devices. Network controller 102 is shown externally tohome wireless network 104, but controller 102 could be integrated withinthe components of home wireless network 104. Network controller 102could be a mobile switching center, network gateway system, Internetaccess node, application server, service node, or some othercommunication system—including combinations thereof.

Authentication system 103 comprises a computer system and communicationinterface. Authentication system 103 may also include other componentssuch as a router, server, data storage system, and power supply.Authentication system 103 may reside in a single device or may bedistributed across multiple devices. Authentication system 103 is shownexternally to home wireless network 104, but system 103 could beintegrated within the components of home wireless network 104.Authentication system 103 could be a network gateway system, Internetaccess node, application server, service node, or some othercommunication system—including combinations thereof.

Home wireless communication network 104 comprises network elements thatprovide communications services to wireless device 101 through networkcontroller 102. Home wireless communication network 104 may compriseswitches, wireless access nodes, Internet routers, network gateways,application servers, computer systems, communication links, or someother type of communication equipment—including combinations thereof.

Wireless link 111 uses the air or space as the transport media. Wirelesslink 111 may use various protocols, such as Code Division MultipleAccess (CDMA), Evolution Data Only (EVDO), Worldwide Interoperabilityfor Microwave Access (WIMAX), Global System for Mobile Communication(GSM), Long Term Evolution (LTE), Wireless Fidelity (WIFI), High SpeedPacket Access (HSPA), or some other wireless communication format.Communication links 112-113 use metal, glass, air, space, or some othermaterial as the transport media. Communication links 112-113 could usevarious communication protocols, such as Time Division Multiplex (TDM),Internet Protocol (IP), Ethernet, communication signaling, CDMA, EVDO,WIMAX, GSM, LTE, WIFI, HSPA, or some other communicationformat—including combinations thereof. Communication links 112-113 couldbe direct links or may include intermediate networks, systems, ordevices.

FIG. 3 illustrates wireless communication system 300 for blocking theuse of a PRL by a wireless device to access nodes of a networkcontroller. Wireless communication system 300 includes wirelesscommunication device 301, base transceiver stations (BTSs) 302-305,radio network controller (RNC) 306, authentication, authorization, andaccounting system (AAA) 308, home wireless communication network 309,and visited wireless communication network 310. PRL blocking software311 is executing on wireless communication device 301.

RNC 306 controls BTSs 302 and 303 and may control other BTSs not shownin FIG. 3 for clarity. The BTSs controlled by RNC 306 cover a geographicarea, such as a city, county, state, region, or any other geographicarea designation, large or small, which may be limited by the wirelesssignal range of the BTSs themselves. Home wireless network 309 mayinclude other RNCs that control BTSs in geographic areas outside of thegeographic area covered by RNC 306. BTSs 304 and 305 may also becontrolled by an RNC of visited network 310 although the RNC is notshown in FIG. 3 for clarity.

FIG. 4 illustrates the operation of wireless communication system 300for blocking the use of a PRL by a wireless device to access nodes of anetwork controller. In operation, wireless device 301 is located in thegeographic area covered by the BTSs controlled by RNC 306. Wirelessdevice 301 attempts to access home wireless network 309 by referencing aPRL stored on wireless device 301. The PRL indicates to wireless device301 that wireless device 301 should use BTS 303 to request access tohome wireless network 309. Wireless device 301 then uses the informationprovided by the PRL to transfer an access probe to RNC 306 via BTS 303.

In response to receiving the access probe, RNC 306 transfers anauthentication request to AAA 308 so that AAA 308 can inform RNC 306about whether to allow wireless device 301 to access home wirelessnetwork 309. AAA 308 receives the authentication request and determineswhether to authenticate wireless device 301 in order to allow wirelessdevice 301 to access home wireless network 309. In this example, inresponse to receiving the authentication request, AAA 308 determinesthat wireless device 301 is not allowed to access home wireless network309. Upon making this determination, AAA 308 further designates wirelessdevice 301 as a rogue device. AAA 308 may make this designation after asingle failed authentication request from wireless device 301 as shownin FIG. 4.

Alternatively, AAA 308 may make the rogue designation after a number ofauthentication requests for wireless device 301 are denied. In thatcase, wireless device 301 will only be designated a rogue device ifwireless device 301 continues to transfer access probes to RNC 306through either BTS 302 or 303 that are denied authentication by AAA 308.

After AAA 308 designates that wireless device 301 is a rogue device, AAA308 transfers a message to RNC 306 indicating that wireless device 301is a rogue device. In turn, RNC 306 transfers an acknowledgment messageto the access probe that, in addition to indicating that wireless device301 is not allowed to access home wireless network 309, includes a roguedevice flag indicating that wireless device 301 is a rogue device. Therogue device flag will indicate to PRL blocking software 311 that PRLblocking software 311 should delete entries in the PRL for BTSs of RNC306. Hence, actions performed in response to wireless device 301receiving the rogue device flag will prevent wireless device 301 fromcontinuing to request network access through BTS 302 or 303.

Wireless device 301 receives the acknowledgment message and, uponreceiving the acknowledgment message, PRL blocking software 311recognizes the flag in the acknowledgment message. In response torecognizing the flag, PRL blocking software deletes the entries of BTSscontrolled by RNC 306, including BTSs 302 and 303, from the PRL ofwireless device 301.

FIG. 5 illustrates example PRLs for wireless device 301 before and afterPRL blocking software deletes the entries of the BTSs controlled by RNC306. A BTS number corresponding to the BTSs of FIG. 3 signifies entriesin each PRL. It should be understood that each entry may include thefrequency bands, sub bands, and a service provider identifier associatedwith the indicated BTS, or any other information about BTSs to whichwireless device 301 may connect.

PRL 500 is an example of the PRL stored on wireless device 301 with allentries intact. BTSs 303 and 302 of home wireless network 309 are listedfirst so that wireless device 301 at its current location will attemptto access home wireless network 309 before attempting to access visitedwireless network 310. PRL 500 may include further entries of BTSs forboth RNC 306 and of visited wireless network 310 that are not shown.These additional BTSs may cover locations further away from the currentlocation of wireless device 301 and, therefore, are not preferred forcommunications over those listed at the top of PRL 500.

After PRL blocking software 311 recognizes the flag in theacknowledgment message from RNC 306, PRL blocking software 311 deletesthe entries in PRL 500 for BTSs 302, 303, and any other BTS of RNC 306.PRL 501 is a resulting PRL containing entries for only the BTSs ofvisited wireless network 310. In other embodiments, instead of deletingthe entries, PRL blocker 311 may simply move the entries for BTSs 302and 303 out of PRL 500 for later retrieval, may mark the entries forBTSs 302 and 303 in a manner so as wireless device 301 does not use theentries, or may otherwise prevent wireless device 301 from accessingentries for BTSs 302 and 303.

Once PRL blocking software 311 has deleted the entries for BTSs 302 and303, wireless device 301 will only be able to request access on aroaming basis to visited wireless network 310 via BTSs 304 and 305. Asfar as wireless device 301 is concerned, BTSs 302 and 303 do not existbecause they are not indicated in PRL 501. Upon making the accessrequest to visited wireless network 310, visited wireless network 310will query AAA 308 to determine whether wireless device 310 is allowedto roam on visited wireless network 310. Unless the status of wirelessdevice 310 has changed in AAA 308, AAA 308 will notify visited wirelessnetwork 310 that wireless device 301 is not allowed to roam on visitedwireless network 310.

Wireless device 301 may continue transfer access attempts to visitedwireless network 310 and continue to be denied access to visitedwireless network 310 by AAA 308. If the entries for BTSs 302 and 303 hadnot been deleted from PRL 500, then wireless device 301 would continueto use resources of BTSs 302 and 303, RNC 306, and other elements ofhome wireless network 309 as these access attempts to persist. Instead,using PRL 501 frees up the resources so that the resources can be usedto service wireless devices that are allowed to access home wirelessnetwork 309.

FIG. 6 illustrates the operation of wireless communication system 300for unblocking the use of a PRL by a wireless device to access nodes ofa network controller. As described above, once entries for BTSs 302 and303 deleted from the PRL of wireless device 301, wireless device 301 maycontinue to transfer access probes to BTSs of visited wireless network310. In this example, wireless device 301 transfers an access probe tovisited wireless network 310 through BTS 304 because BTS 304 is thepreferred BTS in accordance with PRL 501. In response to the accessprobe, visited wireless network 310 transfers an authorization requestto AAA 308.

At some point before AAA 308 receives the authorization request, thestatus of wireless device 301 may change in AAA 308, which now indicatesthat wireless device 301 is no longer a rogue device and allows wirelessdevice 301 to receive wireless network access. For example, delinquentbilling payments that caused the PRL entries to be deleted may have beensatisfied for the service plan account of wireless device 301.Therefore, instead of continuing to deny authorization for wirelessdevice 301 to access visited wireless network 310, AAA 308 transfers anacknowledgment message to visited wireless network 310 indicating thewireless device 301 is authorized for access to visited wireless network310. Similarly, AAA 308 may transfer a notifier to RNC 306 indicatingthat wireless device 301 is no longer a rogue device.

In response to receiving the authentication acknowledgment, visitedwireless network 310 transfers an access acknowledgment message thatindicates to wireless device 301 that wireless device 301 is allowed toaccess visited wireless network 310. Wireless device 301 can thenexchange communications with visited wireless network 310 through BTS304. Additionally, PRL blocking software 311 recognizes that wirelessdevice 301 has been allowed to obtain network access and is no longer arogue device. Responsively, PRL blocker 311 is ready to receive a newPRL that replaces the entries for access nodes of RNC 306 that weredeleted. RNC 306 may transfer the new PRL through visited wirelessnetwork 310 in response to receiving the notifier from AAA 308 or PRLblocker 311 may transfer a request for the new PRL to RNC 306 throughvisited wireless network 310. The new PRL may include only the entriesof BTSs 302, 303, and any other BTS of RNC 306 that was deleted or thenew PRL may be a complete replacement PRL that includes both the deletedentries and the entries that were not deleted.

Upon receiving the new PRL, PRL blocking software 311 updates the PRLstored on wireless device 301 so that wireless device 301 can once againaccess home wireless network 309 via BTSs 302 and 303 using entries inthe PRL for BTSs 302 and 303.

FIG. 7 illustrates wireless communication device 700. Wirelesscommunication device 700 is an example of wireless communication device101, although device 101 could use alternative configurations. Wirelesscommunication device 700 comprises wireless communication interface 701,user interface 702, and processing system 703. Processing system 703 islinked to wireless communication interface 701 and user interface 702.Processing system 703 includes processing circuitry 705 and memorydevice 706 that stores operating software 707. Wireless communicationdevice 700 may include other well-known components such as a battery andenclosure that are not shown for clarity. Wireless communication device700 may be a telephone, computer, e-book, mobile Internet appliance,media player, game console, wireless network interface card, or someother wireless communication apparatus—including combinations thereof.

Wireless communication interface 701 comprises RF communicationcircuitry and an antenna. The RF communication circuitry typicallyincludes an amplifier, filter, RF modulator, and signal processingcircuitry. Wireless communication interface 701 may also include amemory device, software, processing circuitry, or some othercommunication device. Wireless communication interface 701 may usevarious protocols, such as CDMA, EVDO, WIMAX, GSM, LTE, WIFI, HSPA, orsome other wireless communication format.

Wireless communication interface 701 is configured to transfer an accessrequest for wireless communication device 700 to access a home wirelesscommunication network where wireless communication device 700 islocated, wherein a network controller that serves a geographic area ofthe home wireless communication network receives the access request andtransfers an authentication request for the wireless communicationdevice to an authentication system, wherein the authentication systemreceives the authentication request, determines that wirelesscommunication device 700 should not be allowed to access the homewireless communication network, and transfers an authentication responseto the network controller indicating that wireless communication device700 is not authorized to access the home wireless communication network,and wherein, in response to receiving the authentication response, thenetwork controller transfers an access response to wirelesscommunication device 700 that indicates that wireless communicationdevice 700 is not authorized to access the home wireless communicationnetwork. Wireless communication interface 701 is further configured toreceive the access response from the network controller.

User interface 702 comprises components that interact with a user toreceive user inputs and to present media and/or information. Userinterface 702 may include a speaker, microphone, buttons, lights,display screen, touch screen, touch pad, scroll wheel, communicationport, or some other user input/output apparatus—including combinationsthereof. User interface 702 may omitted in some examples.

Processing circuitry 705 comprises microprocessor and other circuitrythat retrieves and executes operating software 707 from memory device706. Memory device 706 comprises a non-transitory storage medium, suchas a disk drive, flash drive, data storage circuitry, or some othermemory apparatus. Processing circuitry 705 is typically mounted on acircuit board that may also hold memory device 706 and portions ofcommunication interface 701 and user interface 702. Operating software707 comprises computer programs, firmware, or some other form ofmachine-readable processing instructions. Operating software 707 mayinclude an operating system, utilities, drivers, network interfaces,applications, or some other type of software. When executed byprocessing circuitry 705, operating software 707 directs processingsystem 703 to operate wireless communication device 700 as describedherein. In particular, operating software 707 directs processing system703 to block the use of a PRL by wireless communication device 700 toaccess nodes of the network controller.

The above description and associated figures teach the best mode of theinvention. The following claims specify the scope of the invention. Notethat some aspects of the best mode may not fall within the scope of theinvention as specified by the claims. Those skilled in the art willappreciate that the features described above can be combined in variousways to form multiple variations of the invention. As a result, theinvention is not limited to the specific embodiments described above,but only by the following claims and their equivalents.

What is claimed is:
 1. A method of operating a wireless communicationsystem, comprising: in a network controller that serves a geographicarea of a home wireless communication network where a wirelesscommunication device is located, receiving an access request for thewireless communication device to access the home wireless communicationnetwork and transferring an authorization request for the wirelesscommunication device to an authentication system; in the authenticationsystem, receiving the authorization request, determining that thewireless communication device should not be allowed to access the homewireless communication network, and transferring an authenticationresponse to the network controller indicating that the wirelesscommunication device is not authorized to access the home wirelesscommunication network; in the network controller, in response toreceiving the authentication response, transferring an access responseto the wireless communication device that indicates that the wirelesscommunication device is not authorized to access the home wirelesscommunication network; and in the wireless communication device, inresponse to receiving the access response, blocking the use of aPreferred Roaming List (PRL) by the wireless communication device toaccess nodes of the network controller.
 2. The method of claim 1,wherein blocking the use of the PRL comprises deleting entries in thePRL for the access nodes of the network controller.
 3. The method ofclaim 1, further comprising: in the network controller, in response to adetermination that the wireless communication device is authorized toaccess the home wireless communication network, wherein thedetermination occurs at a time after the access response is transferred,transferring a message to the wireless communication device thatindicates that the wireless communication device can access the homewireless communication network; in the wireless communication device, inresponse to receiving the message, unblocking the use of the PRL by thewireless communication device to access nodes of the network controller.4. The method of claim 3, wherein blocking the use of the PRL comprisesdeleting entries in the PRL for the access nodes of the networkcontroller and unblocking the use of the PRL comprises, in the wirelesscommunication device, receiving the entries in the PRL for the accessnodes of the network controller that were previously deleted.
 5. Themethod of claim 4, wherein the entries in the PRL are received over avisited wireless communication network.
 6. The method of claim 1,wherein blocking the use of the PRL comprises preventing the wirelesscommunication device from accessing entries in the PRL for the accessnodes of the network controller.
 7. The method of claim 1, whereinblocking the use of the PRL is performed by an application executing onthe wireless communication device.
 8. The method of claim 1, furthercomprising: in the wireless communication device, requesting access to avisited wireless communication network via an unblocked access node inthe PRL; in the authentication system, receiving an authorizationrequest for the wireless communication device from the visited wirelesscommunication network and denying the authorization request.
 9. Themethod of claim 1, wherein the network controller is a base stationcontroller.
 10. The method of claim 1, wherein the network controller isa radio network controller.
 11. A wireless communication system,comprising: a network controller that serves a geographic area of a homewireless communication network where a wireless communication device islocated configured to receive an access request for the wirelesscommunication device to access the home wireless communication networkand transfer an authorization request for the wireless communicationdevice to an authentication system; the authentication system configuredto receive the authorization request, determine that the wirelesscommunication device should not be allowed to access the home wirelesscommunication network, and transfer an authentication response to thenetwork controller indicating that the wireless communication device isnot authorized to access the home wireless communication network; thenetwork controller further configured to, in response to receiving theauthentication response, transfer an access response to the wirelesscommunication device that indicates that the wireless communicationdevice is not authorized to access the home wireless communicationnetwork; and the wireless communication device configured to, inresponse to receiving the access response, block the use of a PreferredRoaming List (PRL) by the wireless communication device to access nodesof the network controller.
 12. The wireless communication system ofclaim 11, wherein the wireless communication device is configured toblock the use of the PRL by deleting entries in the PRL for the accessnodes of the network controller.
 13. The wireless communication systemof claim 11, further comprising: the network controller furtherconfigured to, in response to a determination that the wirelesscommunication device is authorized to access the home wirelesscommunication network, wherein the determination occurs at a time afterthe access response is transferred, transfer a message to the wirelesscommunication device that indicates that the wireless communicationdevice can access the home wireless communication network; the wirelesscommunication device further configured to, in response to receiving themessage, unblock the use of the PRL by the wireless communication deviceto access nodes of the network controller.
 14. The wirelesscommunication system of claim 13, wherein the wireless communicationdevice is configured to block the use of the PRL by deleting entries inthe PRL for the access nodes of the network controller and to unblockthe use of the PRL by receiving the entries in the PRL for the accessnodes of the network controller that were previously deleted.
 15. Thewireless communication system of claim 14, wherein the wirelesscommunication device is configured to receive the entries in the PRLover a visited wireless communication network.
 16. The wirelesscommunication system of claim 11, wherein the wireless communicationdevice is configured to block the use of the PRL by preventing thewireless communication device from accessing entries in the PRL for theaccess nodes of the network controller.
 17. The wireless communicationsystem of claim 11, wherein the wireless communication device executesan application to block the use of the PRL.
 18. The wirelesscommunication system of claim 11, further comprising: the wirelesscommunication device configured to request access to a visited wirelesscommunication network via an unblocked access node in the PRL; theauthentication system configured to receive an authorization request forthe wireless communication device from the visited wirelesscommunication network and deny the authorization request.
 19. Thewireless communication system of claim 11, wherein the networkcontroller is a base station controller.
 20. The wireless communicationsystem of claim 11, wherein the network controller is a radio networkcontroller.